Tidelift partners directly with the maintainers of thousands of open source components to manage them for you, satisfying the basic criteria you’d require for any commercial-grade software:
- Security: Verified updates for zero-day vulnerabilities, coordinated security response, and immediate notifications of which of your applications are impacted, with the fix prepared for you. Like your phone, just “apply updates” to stay secure.
- Licensing: Verified-accurate open source licenses (including IP indemnification) and customizable policy enforcement. Your up-to-date software “bill of materials” is always one click away.
- Maintenance: Tidelift continuously guides you on your upgrade path, steering you towards the best packages and versions for your particular application. It’s like a GPS for open source software.
If you are interested in learning more about how we work with our partnered open source maintainers (ie. lifters), we recommend the following articles:
The above articles are part of a separate set of resources specifically for these partnered maintainers.
If you currently maintain an open source package and are interested in getting paid for the value you create, begin the process here.